ABSTRACT


This thesis presents an analysis, design and 
implementation of the Naval Postgraduate School's Sensitive 
Compartmented Information Facility (SCIF) consolidated 
Access database and website. The database was designed 
using a Microsoft Access 2000 relational database. This new 
database consolidates two previously separate personnel and 
classified inventories databases. The SCIF website was 
created utilizing Macromedia's Dreamweaver MX. Active 
Server Pages are used to provide connectivity between the 
website and database. The website, accessible via any
standard browser, will provide the capability for designated
users to manipulate data in the database. Protection of
sensitive data is implemented utilizing Macromedia's 
embedded user authentication features. 

I. INTRODUCTION


A. BACKGROUND 

The Naval Postgraduate School (NPS) Security 
Manager/Special Security Officer (SSO), as part of his 
overall responsibilities to safeguard classified 
information, maintains up-to-date, accurate personnel and 
classified material inventories. To aid accomplishment of 
these tasks, the NPS Security Manager had attempted to 
develop two separate flat-file databases using Access 95/97 
to track mission-critical information. 

These databases, while minimally acceptable in the 
past to simply track personnel and classified material, are 
obsolete and no longer fully support the staff's expanding 
information needs. As designed, these database systems do 
not interface with each other, requiring the use of two 
separate applications and duplicate data entry by database 
maintainers. For reasons unknown to the SSO staff, the 
existing materials database is not functioning properly and 
data corruption is suspected as database modify controls 
were enabled for both database users and maintainers. 
Additionally, since the databases were placed into the 
production environment, several new business practices have 
evolved, requiring a more versatile and robust database. 

A functional relational database would reduce 
redundant data entry requirements, ease user interaction 
with the large amounts of data involved, and improve 
customer service and accountability. As Microsoft 2000 
products are in widespread use at the Naval Postgraduate
School, the front-end of the Sensitive Compartmented
Information Facility (SCIF) database will be an Access 2000 
project. 


B. PURPOSE 

The purpose of this research is to provide an 
integrated intranet and dynamic access database application 
for the Security Manager that: 

1. Implements user-level security to prevent 
unauthorized access to SCIF information. 

2. Combines functionality of two existing databases 
with additional features required by the end-users into one 
consolidated user-friendly application. 

3. Stores the database on a server to enable multiple
user access.


The objectives of this thesis are: 

1. To develop and design a consolidated Access 2000 
Database for the personnel and classified material 
inventories. 

2. To allow users access to Security Manager 
specified information on the Classified Intranet via any 
standard web browser (i.e., Internet Explorer). 

3. To provide a user-friendly front-end interface, 
allowing users with limited computer skills to retrieve 
information as needed. 

4. To provide comprehensive documentation that
allows any database-savvy administrator to make
modifications allowing for future database upgrades.


5. To address database security issues by 
implementing user-level security and permission settings. 


C. SCOPE AND ORGANIZATION OF STUDY 

The scope of this thesis included the following:


1. Process 

A comprehensive requirements analysis for the proposed 
database was conducted. The primary requirement generation 
method used included conducting ongoing interviews with 
stakeholders concerning desirable changes and inclusions 
for the new and improved database. 

2. Design 

During the design phase, new database templates that 
combine current information requirements with capabilities 
desired by the stakeholders were developed. Access and 
Dreamweaver forms provide the interface to information in 
the SCIF database. 

3. Import Data


The new database was populated by importing the 
existing database data into the new database system after 
the integrity of the data was verified. 

4. Prototype 

Two phases were used to prototype the database. A 
standalone version of the new database was developed and 
tested using Access 2000. The second phase consisted of 
testing the prototype database using a front-end and
back-end.


5. Front-end/Back-end 

Following an evaluation period of the stand-alone 
prototype, the Access database was connected to a front-end 
intranet web site. 

6. Documentation 

The model, including the design and implementation of 
the SCIF relational database, was documented. 

D. CHAPTERS 

This thesis is organized as follows: 

• Chapter I Introduction - provides a brief
description of the objectives of the thesis, the
scope, organization and methodology of study.

• Chapter II Access 2000 Definition and Design - is
a detailed description of the Access database
concepts and design.

• Chapter III Access 2000 Project - is a detailed
description of the Access database project.

• Chapter IV Intranet and Database Connectivity -
describes how the database will be accessible via
the classified intranet.

• Chapter V Summary - This chapter provides a short
summary of the thesis and addresses possible
future modifications.

• Appendix I - User's Manual.

II. DATABASE DEFINITION AND DESIGN


This chapter will explain the defining characteristics 
of relational database systems. Specifically, this chapter 
will address Microsoft Access 2000 concepts used in 
creating the SCIF database. Topics covered will include 
referential integrity, primary and secondary keys, 
normalization and join properties. 

A. MICROSOFT ACCESS 2000 

Microsoft Access 2000 is a powerful and robust 32-bit 
relational database management system used for creating 
desktop and client/server database applications. Access 
2000 is a part of the Microsoft Office 2000 Professional 
and Developer editions. 

1. New Features 

There have been several changes from Access 97 to 
Access 2000. The most significant change is the adoption 
of ActiveX Data Objects (ADO) 2.1, which replaces Data 
Access Objects (DAO) embedded in previous Access versions. 
While still supporting databases using DAO, the future of 
data and database connectivity for Office will be based on 
ADO, making DAO obsolete in the long term. In the past 
Access used macros for programming. Access 2000 continues 
to use macros; however, Microsoft recommends that database 
designers start transitioning to Visual Basic for
Applications (VBA) 6.0 as macros may not be supported in
future versions of Access. Access 2000 offers
Internet-related features for creating HTML documents for use on
intranets and the Internet. Perhaps the most important
improvement in Access 2000 is the addition of Data Access
Pages (DAP) which allow the display of static web pages. [1]

2. Security 

Access is designed for creating applications for 
multiple users. Access has a security system that prevents 
unauthorized persons from viewing or modifying database 
files shared on networks. Access 2000 inherits security 
features from Microsoft's SQL Server. [1] 

3. System Requirements 

Access 2000 is a resource-intensive application as are 
all Office 2000 software packages. Office 2000 requires a 
Pentium PC with a minimum of 32 MB of RAM, Windows 95/98/NT 
v4.0/2000 and a minimum of 400MB of free space. [1] 

4. Access Objects

A full scale Access application includes various types 
of objects. Access table, form, report and query objects 
serve the four basic functions of Access that organize data 
in an application structure. 

a. Data Organization

Good database design requires the use of a top-down
sequence. Tables are created first; queries based on
those tables are created next; and finally forms and 
reports are created using queries. Figure 1 shows the 
basic organization in sequence. [1] 



Figure 1. The Basic and Supporting Functions of Access (After: [1])

• Table - An object that stores information added
to the database by the user. Forms are the
medium used for data entry. [1]

• Query - An object that allows filtering, sorting
and combining of data. Good database design
dictates forms and reports be based on queries. [1]

• Forms - An object used to enter and view data in
the database. A form presents data in logical
format. Forms are user friendly and the use of
format controls ensures correct data entry via
dropdown boxes and validation rules. [1]

• Reports - Allow the printing of detailed, summary
information from both queries and tables. The
ability to provide meaningful reports is one of
the defining purposes of a database. [1]


b. Supporting Functions 

Supporting functions provide the database with 
additional options that improve functionality 
exponentially. 

• Macro - A sequence of actions that automates 
repetitive database operations. [1] 

• Modules - Functions and procedures written in the 
Visual Basic for Applications (VBA) programming 
language. The capabilities of modules exceed 
those of standard macro actions. Modules will 
eventually replace macros in future releases of
Access. [1] 

• Security - Allows granting access and permissions 
to users or groups, restricting their ability to 
view or modify all or a portion of the tables in 
the database. [1] 

• Printing - Allows virtually anything viewed in 
Access's run mode to be printed.[1] 

• Publishing - Allows publishing of World Wide Web
(WWW) pages using Data Access Pages (DAP). [1]

B. THE RELATIONAL DATABASE MANAGEMENT SYSTEM (RDMS) 

An RDMS is an application that can create, organize 
and edit information. The information may be displayed 
through user or designer selected views and printed in 
formatted reports. Most RDMSs include macro functionality 
or a macro language. Access, a desktop RDMS, uses the 
programming language Visual Basic for Applications. 

One of the advantages of a RDMS is the ability to use 
multiple relationships between tables that store data. 
Multiple relationships overcome inherent storage 
inefficiencies created when all information is placed in a 
single table and improve database effectiveness. A unique 
identification number is required for each record entered 
into a table. This identification (ID) number is usually 
assigned automatically by the database and serves as the 
primary key when in its parent table and as a foreign key 
when it is in an associated table. Association of the two 
tables using primary and foreign keys creates a
relationship.

Relationships between tables can exist in four 
forms:[1] 

1. One-to-one relationships: In a one-to-one 
relationship, a record from the primary table is related to 
only one record in the associated table. 

2. One-to-many relationship: In a one-to-many 
relationship, a record in the primary table may have many 
related records in the second table, but for any record in 
the second table, there is only one matching record in the 
first table. This is the most common of the relationship
types.

3. Many-to-one relationship: A many-to-one 
relationship is much the same as a one-to-many 
relationship, only viewed from the opposite vantage point. 

4. Many-to-many relationships: A many-to-many 
relationship occurs when there are no unique relationships 
between tables. This type of relationship is resolved by 
making an intermediate table that connects two one-to-many 
relationships. 

C. JOIN PROPERTIES 

A join is the process of linking tables or queries by 
associating data fields in the tables or query. The 
default field for association is the primary key field in 
one table to those that have the same key field in the 
associated table. 

There are four types of joins in a database. [1]


1. Equi-join (inner join): The equi-join is the
most common type of join. This type of join returns only
rows with matching values in both tables.

2. Outer join: A join that returns all rows from one 
of the tables even if there are no matching values from the 
other table. 

3. Theta join: A join that relates data by using
comparison operators other than the equal sign (=).
Theta joins are created by using the less than (<) or
greater than (>) signs.

4. Self-join: A self-join relates data parameters 
within a single table. 

D. REFERENTIAL INTEGRITY 

Referential integrity is probably the most important 
feature in database design that is available in all 
versions of Access. Referential integrity prevents the 
creation of records without connection to a primary table. 
Referential integrity enforcement prevents deletion or 
modifications of data in a parent table (the one side in a 
one-to-many relationship) on which data from child table 
(the many side in a one-to-many relationship) depend. Two 
update features help maintain referential integrity: 
cascading updates and cascading deletions. The cascading 
update feature automatically updates all known associations 
after a record is changed in the database. Cascade delete,
after deletion of a record, deletes any associated records.
[2] As such, the cascade delete function should be used
with care as it may cause unintentional loss of data and 
corruption of the database. 

E. KEYS 

Each table in a database must have a key assigned. A 
key uniquely identifies a row. There are two types of 
keys: primary and foreign. A primary key is a field that 
uniquely identifies a record. A foreign key is the primary 
key from one table inserted into another table in the 
database. The primary key can be based on more than one 
field in the record; for instance, a primary key may 
include a foreign key and one or more fields in the record. 

F. NORMALIZATION 

Normalization is the process of evaluating and 
converting a relation to reduce the number of modification 
anomalies. An anomaly is an undesired consequence of data 
modification. The purposes of normalization include the 
following [3]: 

• Elimination of duplicate information in tables. 

• Accommodation of future changes in the structure 
of tables. 

• Minimization of database structural change on 
user applications that utilize the data. 

1. First Normal Form (1NF)

First normal form requires that a table contain no 
repeating groups and that data cells contain only one 
value. It also requires that all columns in a relational 
database table be unique. Any table that contains 
duplicate data must be separated into two separate tables 
to satisfy first normal form criteria. 

2. Second Normal Form (2NF) 

Second normal form requires that all non-key columns 
be fully dependent on the primary key, which requires each 
column to be determined by the primary key. A table must 
be in first normal form before applying second normal form 
rules. Second normal form will reduce redundancy errors 
associated with the first normal form criteria. 

3. Third Normal Form (3NF) 

Third normal form requires that tables conform to both 
first and second normal forms. It also requires that all 
non-key columns be dependent on the table's primary key and
independent of each other (i.e., no transitive
dependencies). Third normal form eliminates most of the
anomalies known in databases today and is the most common 
standard for normalization in commercial databases. 

4. Fourth Normal Form (4NF) 

Fourth normal form is a unique type of normalization 
that pertains to tables when many-to-many relationships 
occur requiring that independent data entries be stored in
the same table. A table is in fourth normal form when all 
multi-valued dependencies have been eliminated. 

5. Fifth Normal Form (5NF) 

Fifth normal form requires compliance with the rules
of third normal form and fourth normal form when
many-to-many relationships exist. Fifth normal form requires
reconstruction of the original table from previously 
separated tables to achieve normal form requirements. 

III. SCIF DATABASE REQUIREMENTS AND DESIGN


The SCIF database is designed to meet certain
requirements. First, the database must be able to store
relevant information on personnel and classified libraries
data. Second, the SCIF database will be intranet
accessible via any standard web browser. Third, access to
database information must be secured by implementing four
access levels:

• The normal user will be able to view only the
classified inventory. This is the most restrictive
access level.

• The extended user will have read privileges for 
both the personnel and data portions of the 
database. 

• The limited administrator will have full 
read/write access to the data contained in the 
database. 

• The administrator is the least restrictive access 
level. The administrator will have full access 
and control over the database, including the 
ability to modify the database schema. 
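
One way to enforce these four access levels inside the database engine rather than only in the forms, shown as an added example that is not part of the thesis. SQLite's authorizer callback (through Python's sqlite3 module) stands in for Access user-level security; mapping the "classified inventory" to a Data table and the personnel portion to a Personnel table is an assumption, and the sample rows are constructed.

```python
import sqlite3

# Assumed mapping of the thesis's "data" and "personnel" portions onto tables.
DATA_TABLES = {"Data"}
PERSONNEL_TABLES = {"Personnel"}
ALL_TABLES = DATA_TABLES | PERSONNEL_TABLES

READ = frozenset({sqlite3.SQLITE_READ})
WRITE = frozenset({sqlite3.SQLITE_INSERT, sqlite3.SQLITE_UPDATE, sqlite3.SQLITE_DELETE})

# Access level -> {table: permitted authorizer actions}. The administrator is
# handled separately because that level may also change the schema.
POLICY = {
    "normal user": {t: READ for t in DATA_TABLES},
    "extended user": {t: READ for t in ALL_TABLES},
    "limited administrator": {t: READ | WRITE for t in ALL_TABLES},
}

# Actions that frame a statement but touch no table by themselves.
FRAMING = {sqlite3.SQLITE_SELECT, sqlite3.SQLITE_TRANSACTION, sqlite3.SQLITE_FUNCTION}


def make_authorizer(level):
    """Build the callback SQLite consults while compiling each statement."""
    if level == "administrator":
        return lambda action, arg1, arg2, dbname, source: sqlite3.SQLITE_OK
    rules = POLICY[level]  # unknown level raises KeyError, so nothing runs unchecked

    def authorize(action, arg1, arg2, dbname, source):
        if action in FRAMING:
            return sqlite3.SQLITE_OK
        # For READ/INSERT/UPDATE/DELETE, arg1 is the table name.
        if action in rules.get(arg1, ()):
            return sqlite3.SQLITE_OK
        return sqlite3.SQLITE_DENY  # default deny: DDL, PRAGMA, ATTACH, other tables

    return authorize


def new_db():
    """Fresh in-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE Personnel (PersonnelID INTEGER PRIMARY KEY, LastName TEXT, SSN TEXT);
        CREATE TABLE Data (DataID INTEGER PRIMARY KEY, Subject TEXT, Classification TEXT);
        INSERT INTO Personnel VALUES (1, 'Doe', '000-00-0000');
        INSERT INTO Data VALUES (10, 'Constructed sample', 'Secret');
    """)
    return conn


def attempt(level, sql):
    """Run one statement as `level`; True if SQLite allowed it, False if denied."""
    conn = new_db()
    conn.set_authorizer(make_authorizer(level))
    try:
        conn.execute(sql).fetchall()
        conn.commit()
        return True
    except sqlite3.DatabaseError:
        return False
    finally:
        conn.close()


PROBES = (
    "SELECT Subject FROM Data",                              # view inventory
    "SELECT LastName FROM Personnel",                        # view personnel
    "UPDATE Data SET Subject = 'edited' WHERE DataID = 10",  # modify data
    "ALTER TABLE Data ADD COLUMN Note TEXT",                 # modify schema
)


def permission_matrix():
    """Map each access level to the outcome of the four probes above."""
    levels = list(POLICY) + ["administrator"]
    return {level: tuple(attempt(level, sql) for sql in PROBES) for level in levels}


if __name__ == "__main__":
    for level, row in permission_matrix().items():
        print(f"{level:22}", row)
```

Because the check runs when the statement is compiled, a denied level is refused no matter which form or page submitted the query.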

A. SCIF ENTITIES 

There are four entities in the SCIF database. Table 1
lists the four entities embedded in the security manager
relational database; the table also provides a brief
description of each table's associated business rule.


Entity                      Business Rules
Personnel                   Information concerning personnel entered into the database
Data                        Information concerning materials entered into the database
Personnel_Data              Contains information regarding personnel that have custody of data
Access Level of Personnel   Contains personnel access level related information

Table 1. SCIF Entities

The personnel table below, Table 2, contains
descriptive information about each attribute in the
personnel table.


PERSONNEL      Data Type    Description
PersonnelID    AutoNumber   A unique identification number assigned by Access to each person
LastName       Text         Last Name
FirstName      Text         First Name
SSN            Text         Social Security Number
Phone          Text         Telephone Number
Bldg#          Text         Building Number
Room#          Text         Room Number
SIPRNETID      Text         Secret Internet Identification
SIPRNETEMAIL   Text         Secret Internet Email Address
NSANETID       Text         National Security Agency Internet Identification
NSANETEMAIL    Text         National Security Agency Internet Email Address
UNIXID         Text         (UNIX) Identification
UNIXEMAIL      Text         UNIX Email Address
JDISSID        Text         Joint Deployable Information Security System (JDISS) Identification
JDISSEMAIL     Text         Joint Deployable Information Security System Email

Table 2. Personnel Entity

The data entity, Table 3, contains descriptive
information about each attribute in the data table.


Data                 Data Type    Description
DataID               AutoNumber   A unique identification number assigned by Access to each piece of data
BarCode#             Text         A unique identification number assigned by Access to each person
Classification       Text         Barcode number of the piece of material
Originator           Text         Originator of Material
DIA Production#      Text         DIA Production number of material
Copy#                Number       Copy# of material
DateofMaterial       Date/Time    Date material created
Subject              Text         Subject of material
Date Received        Date/Time    Date material received at the command
Abstract             Text         Brief overview of material
MediaTypeID          Text         Type of media the material is contained in
LastUpdate           Date/Time    Date of last update
Destroyed            YES/NO       Material destroyed (Yes/No)
DateDestroyed        Date/Time    Date material destroyed
Destroyedby          Text         The person destroying the material
Witnessedby          Text         The person witnessing the destruction of the material
Authorizing Person   Text         The person authorizing the destruction or transfer of the material
Safe#                Number       Safe# where the material is stored
Drawer#              Number       Drawer# where the material is stored
CheckoutDate         Date         Date material checked out
CheckInDate          Date         Date material checked in
Other                Text         Other pertinent information

Table 3. Data Entity

Table 4, the Personnel_Data table, contains the
PersonnelID and DataID primary keys. The Personnel_Data
table joins the personnel table to the data table.


Personnel_Data   Data Type   Description
PersonnelID      Number      A unique identification number assigned by Access to each person
DataID           Number      A unique identification number assigned by Access to each piece of data

Table 4. Personnel_Data Entity


The access table contains descriptive information
about each person and their associated access levels.


Access             Data Type    Description
AccessID           AutoNumber   A unique identification number assigned by Access to each person
PersonnelID (FK)   Number       A unique identification number assigned by Access to each person
Level              Checkbox     Access level of personnel, a choice of SI, TK, BYE, GG, EU, or NK

Table 5. Access Entity

The additional tables contain information about the
database's lookup tables, destroyed data tables and
sub-custody tables.


Additional Tables      Description
Safe Lookup            Safe numbers in SCIF
Drawer Lookup          Drawer numbers in safe
Media Type Lookup      Dropdown menu with a choice of CD, DVD, Floppy Disk, Publication, Video, Working Papers or Zip Disk
Authorization Lookup   List of personnel with destruction authorization.
Destroyed Data         Table of destroyed data
Subcustody Data        Table of data that is checked out to personnel

Table 6. Additional Tables

B. SCIF ENTITY RELATIONSHIP DIAGRAM

Figure 2 shows the four tables and associated
attributes in the SCIF database. It displays the three
one-to-many relationships that connect the four tables
together and associated lookup tables. The Personnel and
Access Level of Personnel is a one-to-many relationship.
The one-to-many relationship states that personnel can have
more than one access level. By design, the Personnel and
Access Level one-to-many relationship enforces referential
integrity by selecting the cascade update of related fields
and cascade delete of related records. The database is
designed in this manner so that when a person is deleted
from the database, the associated access levels are also
deleted from database tables and queries. The Personnel
and Data tables have a many-to-many relationship. The
Personnel_Data table is the intermediate table that
connects two one-to-many relationships. Enforcement of
referential integrity for this many-to-many relationship
will allow the cascade update of related fields. The
cascade delete of related records is not selected for the
personnel-data relationship for two reasons. First, it
alerts the database maintainer that the person to be
deleted has not returned classified data checked out from
the library. Second, it forces the database maintainer to
place the data back into the SCI library circulation,
allowing other users possible access to that data.

Figure 2. SCIF Entity Relationship Diagram
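
The cascade settings described above, together with the orphan-record rule from the referential integrity section, can be reproduced as follows. This is an added example, not code from the thesis: SQLite through Python's sqlite3 module stands in for Access 2000, the tables are cut down from Tables 2 to 5, and the helper names and sample rows are constructed.

```python
import sqlite3

# Cut-down versions of the thesis's tables; SQLite stands in for Access 2000.
SCHEMA = """
CREATE TABLE Personnel (
    PersonnelID INTEGER PRIMARY KEY,
    LastName    TEXT NOT NULL
);
CREATE TABLE Data (
    DataID  INTEGER PRIMARY KEY,
    BarCode TEXT NOT NULL UNIQUE
);
-- Access levels hang off one person: cascade update and cascade delete.
CREATE TABLE Access (
    AccessID    INTEGER PRIMARY KEY,
    PersonnelID INTEGER NOT NULL
        REFERENCES Personnel(PersonnelID) ON UPDATE CASCADE ON DELETE CASCADE,
    Level       TEXT NOT NULL
);
-- Subcustody junction table: cascade update only, so a delete is refused
-- while the person still holds checked-out material.
CREATE TABLE Personnel_Data (
    PersonnelID INTEGER NOT NULL
        REFERENCES Personnel(PersonnelID) ON UPDATE CASCADE ON DELETE RESTRICT,
    DataID      INTEGER NOT NULL
        REFERENCES Data(DataID) ON UPDATE CASCADE ON DELETE RESTRICT,
    PRIMARY KEY (PersonnelID, DataID)
);
"""


def open_db():
    conn = sqlite3.connect(":memory:")
    # SQLite does not enforce foreign keys unless this is set per connection.
    conn.execute("PRAGMA foreign_keys = ON")
    conn.executescript(SCHEMA)
    # Constructed sample rows.
    conn.executescript("""
        INSERT INTO Personnel VALUES (1, 'Doe'), (2, 'Roe');
        INSERT INTO Data VALUES (10, 'BC-0001'), (11, 'BC-0002');
        INSERT INTO Access (PersonnelID, Level) VALUES (1, 'SI'), (1, 'TK'), (2, 'SI');
        INSERT INTO Personnel_Data VALUES (1, 10);
    """)
    return conn


def grant_access(conn, personnel_id, level):
    """Add an access level; False if it would create an orphan record."""
    try:
        with conn:  # commit on success, roll back on error
            conn.execute("INSERT INTO Access (PersonnelID, Level) VALUES (?, ?)",
                         (personnel_id, level))
        return True
    except sqlite3.IntegrityError:
        return False


def access_levels(conn, personnel_id):
    rows = conn.execute(
        "SELECT Level FROM Access WHERE PersonnelID = ? ORDER BY Level",
        (personnel_id,))
    return [r[0] for r in rows]


def outstanding(conn, personnel_id):
    """Bar codes of material still in this person's subcustody."""
    rows = conn.execute(
        "SELECT d.BarCode FROM Personnel_Data pd JOIN Data d ON d.DataID = pd.DataID "
        "WHERE pd.PersonnelID = ? ORDER BY d.BarCode", (personnel_id,))
    return [r[0] for r in rows]


def check_in(conn, personnel_id, data_id):
    """Return one item to the library by removing its subcustody row."""
    with conn:
        conn.execute("DELETE FROM Personnel_Data WHERE PersonnelID = ? AND DataID = ?",
                     (personnel_id, data_id))


def delete_person(conn, personnel_id):
    """Try to delete a person. Returns (deleted, outstanding_barcodes)."""
    try:
        with conn:
            conn.execute("DELETE FROM Personnel WHERE PersonnelID = ?", (personnel_id,))
        return True, []
    except sqlite3.IntegrityError:
        # The refused delete is the alert: list what must be checked in first.
        return False, outstanding(conn, personnel_id)


if __name__ == "__main__":
    db = open_db()
    print(grant_access(db, 99, "SI"))   # no such person, so no orphan row
    print(delete_person(db, 1))         # blocked while material is checked out
    check_in(db, 1, 10)
    print(delete_person(db, 1), access_levels(db, 1))
```

The refused delete rolls back as a whole, so the person's access levels stay in place until the material has been checked in.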


C. NPS SCIF DATABASE FORMS 

The first form that a user will see is the SCIF 
startup form displayed in Figure 3. 



Figure 3. Start-up form 

It has three headings: database management, forms and
reports. Located underneath the database management (Dbase 
Mgmt) heading is an action button to append destroyed data 
from the active database into a destroyed data table. The 
purpose of the destroyed data table is to maintain an 
archive of all data that has been destroyed. 

Below the forms heading there are data, personnel, 
username and password action buttons to enter related 
information. Under the reports heading there are action 
buttons to print destruction information, data location, 
personnel access, subcustody reports, and NSANET related 
data. 

The data form, shown in Figure 4, allows the user to 
enter all data related information into the SCIF database. 
It also allows the user to enter destruction-related 
information. 



Figure 4. Data Form 

The personnel form, shown in Figure 5, allows the user
to enter data about people stationed at the Naval
Postgraduate School. This form has a main form, which
contains personnel general data, and four tabbed sub-forms
that contain data related to each person. The first
sub-form documents NSANET, UNIX, SIPRNET and JDISS account
related information.


Figure 5. SCIF Personnel Account Form





























Figure 6 depicts the personnel form with the second
subform which documents the various access levels of each
person.


Figure 6. Personnel Access Level Form

Figure 7 depicts the personnel subcustody form and
shows relevant classified data custody information. This
form is used to check classified documents out to
personnel. The DataID field is a dropdown menu that will
display information available for checkout. Once the item
is selected the associated Barcode, Subject and
Classification fields will automatically update.


Figure 7. Personnel Subcustody Form

Figure 8 depicts the comment sub-form. This form
inserts a general comment subform, which allows a user to 
enter any other pertinent information. 


Figure 8. Personnel Comments Form

IV. INTRANET AND DATABASE CONNECTIVITY


This chapter describes how the intranet website is 
designed and how the site will access the SCIF database. 

A. DREAMWEAVER MX 

Dreamweaver is a web design application that uses
WYSIWYG (what you see is what you get) design tools and a
powerful HTML text editor.[4] The application's WYSIWYG
tools assist in webpage development by automatically generating
HTML code for application-defined routine procedures while
simultaneously allowing the web designer to add code to
customize webpage development. One of the main advantages
of using Dreamweaver for web page development is that it
greatly reduces manual coding for designers. However, an
elementary level of knowledge is still required to aid in
troubleshooting errors in Dreamweaver-generated code.
Roundtrip HTML is another unique and useful feature of 
Dreamweaver. This feature allows Dreamweaver to open any 
HTML page created in any other program without any 
alteration to the page.[4] 

B. SCIF SITE DESIGN 

Figure 9 displays the web site architecture. The 
site's homepage is index.htm. All web file names will be 
entirely in lower case to ensure that they will load 
correctly on various platforms. From the homepage the user 
can decide to enter either the form or report choice
portion of the site. All users will be able to see the
data detail form and the classified inventory report. 
Access to the other pages will be controlled based on the 
user's authorizations and access level. 


[Site map diagram. Labels recovered from the figure: Homepage,
login.asp, invaliduser.asp, Welcome Page, validuser.asp, Form
Choice Page, Data Detail Form, Personnel Detail Form,
Modification Pages (Data Insert, Data Update, Data Delete;
Personnel Insert, Personnel Update, Personnel Delete), Report
Choice Page, Personnel Access, Classified Inventory, NSANET
Information.]

Figure 9. SCIF Website Conceptual design

1. Login Page


All users will be able to access the SCIF Web Page by 
typing in http://<servername>/scifdb or the Internet 
Protocol (IP) address of the machine that hosts the SCIF 
website. The user will be asked to login using their 
username and password. 


Figure 10. Login Page


2. Homepage 


The SCIF homepage, Figure 11, utilizes the Windows
naming convention for homepages and was created using the
name index.htm in Dreamweaver MX. It was created using
frames. The use of frames allows the user to continuously
view the homepage while using the center frame to display 
user selected data. The picture below shows the SCIF 
homepage. The homepage top frame contains a picture of 
Herman Hall and Fireworks text graphics. The left frame 
contains a description of the site and gives the user the 
choice to view either forms or reports. 



Figure 11. SCIF homepage 


3. Form Choice Page

The Form Choice page, Figure 12, is named
formchoice.htm. From the homepage you are able to select
Forms or Reports. The page below shows the choice if FORMS
in the left frame is selected. The center frame gives the
user two view choices: Data Detail Form or Personnel Detail
Form.



Figure 12. Form Choice Page 


4. Data Detail Page 

The data detail form is shown in Figure 13. The user 
can use the navigation buttons to scroll through the SCIF 
library using this page. Provided that the user has
administrator or limited administrator access, they will be
able to update, insert or delete data pertinent to the SCIF
library holdings.


[Screenshot: Data Detail Form in the center frame, showing 
the fields Data ID, Subject, Bar Code, DIA Production, 
Classification, Abstract, Originator, Copy, Date of 
Material, Date Received and Media Type, with update, delete 
and insert new record links and First, Previous, Next and 
Last navigation. The left frame shows the site description 
and the Forms and Reports links.] 

Figure 13. Data Detail Page 


5. Data Insert Page 

The Data Insert Form, shown in Figure 14, and the Data 
Update Form are virtually the same. They differ only in 
the information present when the form is opened; the update 
form will contain data on the selected item while the 
insert form will be blank. The update page receives the 
Data ID number from the Detail Page so that the user can 
update the associated record. Only administrators or 
limited administrators can use these forms to insert or 
update records. 

[Screenshot: Data Insert Form with blank fields for Subject, 
Bar Code, DIA Production, Classification, Abstract, 
Originator, Copy, Date of Material, Date Received and Media 
Type, and form buttons including Reset.] 

Figure 14. Data Insert Form 


6. Data Delete Page 

The data delete page is shown in Figure 15. A record 
is deleted by simply clicking the delete button near the 
bottom of the form. 

[Screenshot: Delete Data Form showing the fields of the 
selected record and a Delete button.] 

Figure 15. Data Delete Form 

7. Personnel Detail Form 

The Personnel Detail Form is shown in Figure 16. The 
user can use the navigation buttons to scroll through the 
personnel database using this page. Provided that the 
user has administrator or limited administrator access, they 
will be able to update, insert or delete data. 

[Screenshot: Personnel Detail Form, showing the fields 
Personnel ID, Last Name, First Name, SSN, Bldg, Room, Phone, 
Access Levels, Comments, network account IDs and e-mail 
addresses (SIPERNET, UNIX, JDISS, NSANET), NSANET and 
Completion date.] 

Figure 16. Personnel Detail Form 


8. Personnel Update Form 

The Personnel Insert Form and the Personnel Update 
Form, shown in Figure 17, are virtually the same. They 
differ only in the information present when the form is 
opened; the update form will contain data on the selected 
person while the insert form will be blank. Only 
administrators or limited administrators can use this form 
to insert or update records. 

[Screenshot: Personnel Update Form, with editable fields for 
Last Name, First Name, SSN, Bldg, Room, Phone, Access Levels 
(checkboxes), Comments, network account IDs and e-mail 
addresses (SIPERNET, UNIX, JDISS, NSANET), NSANET and 
Completion date, and an Update button.] 

Figure 17. Personnel Update Form 


9. Personnel Delete Form 


The Personnel Delete Form, shown in Figure 18, allows 
limited administrators and administrators to delete 
personnel information from the database. 

[Screenshot: Personnel Delete Form showing the fields of the 
selected person's record.] 

Figure 18. Personnel Delete Form 

C. DREAMWEAVER USER SECURITY 

Access control to the SCIF database is enabled using 
Dreamweaver MX user authentication. A dynamic web site 
allows access control of editing and viewing privileges by 
authorized users. [5] Authentication is accomplished by 
adding username, password and access level fields to the 
Access database. Access levels assigned to each page will 
govern users' access to the web pages in the site. The 
SCIF database will have four levels of security embedded in 
the program. 

1. Administrator Group 

The first level will be an administrator level. The 
administrator will be allowed to read, insert, modify and 
delete all personnel and data. Additionally, the 
administrator will have the ability to change the database 
schema. The administrator will have access to the database 
via the database file and the web. The Microsoft Access 
program will be used to make any database schema changes, 
append destroyed data and transfer custody of classified 
documents to personnel. 

2. Limited Administrator 

The limited administrator will be allowed to read, 
insert, modify and delete all personnel and data records. 
The limited administrator will access the database by 
logging on via the web interface. A limited administrator 
will be able to transfer custody of classified documents to 
personnel. 

3. Extended User 

The extended user will be allowed to read and view all 
of the personnel and data records. The extended user will 
access the database by logging on via the web interface. 

4. User 

The normal user will only be allowed to view data 
records contained in the SCIF library via the web 
interface. 

D. DREAMWEAVER SITE SECURITY 

Access to each page in the SCIF website is implemented 
by utilizing Dreamweaver's user authentication server 
behavior. Security authorizations are applied to each page 
in the website; this functionality will keep unauthorized 
users from accessing a page based on an access group stored 
in the database table. As detailed in the user's manual, 
the administrator will be responsible for assigning 
usernames and passwords in the database for later recall. 
Table 7 shows how security is applied to each page in the 
database. 

Page               Associated Authorization Level 

Homepage           Administrator, Limited Administrator, Extended User, User 
Form Choice        Administrator, Limited Administrator, Extended User, User 
Report Choice      Administrator, Limited Administrator, Extended User, User 
Data Detail        Administrator, Limited Administrator, Extended User, User 
Data Insert        Administrator, Limited Administrator 
Data Update        Administrator, Limited Administrator 
Data Delete        Administrator, Limited Administrator 
Personnel Detail   Administrator, Limited Administrator, Extended User, User 
Personnel Insert   Administrator, Limited Administrator 
Personnel Update   Administrator, Limited Administrator 
Personnel Delete   Administrator, Limited Administrator 


Table 7. Website Authorization Table 
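
A sketch of the per-page check that Table 7 describes, added here as an illustration in Python; it is not the site's Dreamweaver/ASP code. It denies by default and matches whole group names, and it compares the table with the Section C role descriptions under an assumed mapping of pages to capabilities (the session keys, the capability names and PAGE_NEEDS are assumptions), listing any entry where the table allows more than the description; for the table as printed that is User on Personnel Detail.

```python
"""Model of Table 7: server-side, deny-by-default page authorization."""

ADMIN, LIMITED, EXTENDED, USER = (
    "Administrator", "Limited Administrator", "Extended User", "User")
ALL = frozenset({ADMIN, LIMITED, EXTENDED, USER})
WRITERS = frozenset({ADMIN, LIMITED})

# Table 7 as printed: page -> access groups allowed to open it.
TABLE_7 = {
    "Homepage": ALL, "Form Choice": ALL, "Report Choice": ALL,
    "Data Detail": ALL,
    "Data Insert": WRITERS, "Data Update": WRITERS, "Data Delete": WRITERS,
    "Personnel Detail": ALL,
    "Personnel Insert": WRITERS, "Personnel Update": WRITERS,
    "Personnel Delete": WRITERS,
}

# Section C role descriptions reduced to capabilities (names are assumptions).
ROLE_CAPS = {
    ADMIN: {"view_data", "view_personnel", "write"},
    LIMITED: {"view_data", "view_personnel", "write"},
    EXTENDED: {"view_data", "view_personnel"},
    USER: {"view_data"},
}

# Capability each page needs (assumed mapping; None = any logged-in user).
PAGE_NEEDS = {
    "Homepage": None, "Form Choice": None, "Report Choice": None,
    "Data Detail": "view_data", "Personnel Detail": "view_personnel",
    **{p: "write" for p in TABLE_7
       if p.split()[-1] in ("Insert", "Update", "Delete")},
}


def is_authorized(page, session):
    """Return True only for a logged-in session whose group is listed for page.

    Unknown pages, missing sessions and unknown groups are all denied.
    Groups are compared as whole names: "User" is a substring of
    "Extended User", so substring matching would confuse the two.
    """
    if not session or not session.get("username"):
        return False
    return session.get("group") in TABLE_7.get(page, frozenset())


def over_grants():
    """List (page, group) pairs Table 7 allows beyond the Section C roles."""
    found = []
    for page, groups in TABLE_7.items():
        need = PAGE_NEEDS[page]
        for group in sorted(groups):
            if need is not None and need not in ROLE_CAPS[group]:
                found.append((page, group))
    return found
```
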

V. SUMMARY 


Several options were explored to determine the best 
method of meeting the database requirements. Since 
Microsoft products are in widespread use at NPS, Access 
2000 was chosen as the relational database. Access 2000 
also has the ability to display data via data access pages 
(DAPs). Research revealed that DAPs have a relatively low 
level of security due to limitations in protecting HTML 
Data Access Pages. Macromedia's Dreamweaver MX was chosen 
to develop the website as it provides better security by 
allowing the developer to assign a user-level authentication 
security feature to each page. The implementation method 
detailed in this thesis addresses the need for the 
consolidation of the two independent personnel and 
classified inventories. Additionally, it allows users to 
access related web pages via the Classified Intranet. By 
default, an intranet solution provides for enhanced 
accessibility to the SCIF database for all users on the 
Intranet. As data and user demands grow, future upgrades 
to the database and website should be accomplished by using 
technologies available at NPS. There are several obstacles 
to take into consideration when deciding on upsizing a 
Microsoft database to SQL Server. Specifically, follow-on 
developers need to have a VBScript, Visual Basic and SQL 
coding background prior to upgrading to a SQL server. 
There are features in Access that do not convert to the SQL 
model. For example, macros, subform features and repeating 
drop down menus must be coded manually to duplicate 
existing functionality. Additionally, research must be 
undertaken to investigate potential interoperability 
problems between chosen technologies. 

APPENDIX I ADMINISTRATOR USER MANUAL 


The administrator will need to routinely accomplish 
several tasks in maintaining the website and database. 

To set up an Open Database Connection (ODBC), the 
administrator will click Start in Windows and follow the 
path: control panel > administrator tools > Data Sources 
ODBC. Select the System DSN tab and ensure there is a 
connection named SCIF with a Microsoft Access Driver 
(*.mdb). If the DSN does not exist, create one using the 
Add button. 


[Screenshot: ODBC Data Source Administrator, System DSN tab, 
listing system data sources by name and driver. Callout on 
the Add button: "Use to add if DSN does not exist".] 

Once the administrator presses the Add button, the following 
screen will appear. 

[Screenshot callout: "Select the directory the database is 
located in".] 

Click OK and setup is complete. 


The Startup form contains three Title areas: Database 
Management (Dbase Mgmt), Forms and Reports. The append 
destroyed data action button located beneath Dbase Mgmt is 
used to append destroyed data information to a destroyed 
data table and then delete the information from the data 
table. 


Located in the forms column are the data, personnel, 
and username/password action buttons. The data form is 
used to enter data related information. The personnel form 
is used to enter personnel related information. The 
username and password form is used to enter usernames and 
passwords for intranet access to the SCIF webpage. The 
default user level when a new person is entered into the 
database is user. The administrators can increase user 
privileges as needed using the username and password form. 

Located under the reports column are action buttons 
for destruction reports, data location, personnel access, 
individual subcustody report and NSANET reports. To print 
a report, select the desired action button. 

1. Startup Form 

[Screenshot: Startup form, with callout "Press 1st".] 

As shown, once you click the append destroyed data action 
button, a message will indicate "You are about to run an 
append query that will modify data in your table." "Are 
you sure you want to run this action query?" Click Yes to 
append data from the data table to the destroyed data 
table. Click No to cancel the action. 


2. Append Destroyed Data 

[Screenshot: Startup form, with callout "Press 2nd".] 


Once the user clicks Yes, a new Access information box 
will pop up with the statement "You are about to append # 
row(s). Once you click yes, you can't use the undo 
command to reverse the changes. Are you sure you want to 
append the selected rows?" The # sign indicates the 
number of rows that will be appended. If the displayed 
statement is correct, press Yes. 

Append Destroyed Data cont. 



Next the delete records query will run. A message will 
come up that indicates "You are about to delete # 
row(s) from the specified table? Once you click yes, you 
can't use the undo command to reverse the changes. Are 
you sure you want to delete the selected records?" Click 
Yes to delete records. Click No if you do not want to 
update your Data table by deleting destroyed data. 
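
The append and delete steps above are two separate action queries, each with its own Yes/No prompt, so answering No to the second leaves destroyed records in both tables. As an added example (not the thesis's Access queries), the following performs the same move in one transaction and tolerates a half-finished earlier run; SQLite stands in for the Access file, the table names Data and DestroyedData and the key on DestroyedData are assumptions, and the column names follow the Enter Data field list in this manual.

```python
import sqlite3

# Constructed schema: table names are assumptions; column names follow the
# "Enter Data" field list. SQLite stands in for the Access .mdb file.
SCHEMA = """
CREATE TABLE Data (
    DataID INTEGER PRIMARY KEY, BarCode TEXT, Subject TEXT,
    Destroyed INTEGER NOT NULL DEFAULT 0, DateDestroyed TEXT,
    Destroyedby TEXT, Witnessedby TEXT, AuthorizingPerson TEXT);
CREATE TABLE DestroyedData (
    DataID INTEGER PRIMARY KEY, BarCode TEXT, Subject TEXT, DateDestroyed TEXT,
    Destroyedby TEXT, Witnessedby TEXT, AuthorizingPerson TEXT);
"""
COLS = ("DataID, BarCode, Subject, DateDestroyed, "
        "Destroyedby, Witnessedby, AuthorizingPerson")


def move_destroyed(conn):
    """Append destroyed rows to DestroyedData and delete them from Data.

    Both statements run in one transaction, so an error leaves both tables
    untouched. Rows already archived by an earlier half-finished run are not
    appended twice. Returns (rows_appended, rows_deleted).
    """
    with conn:  # commit on success, roll back on any exception
        appended = conn.execute(
            f"INSERT INTO DestroyedData ({COLS}) SELECT {COLS} FROM Data "
            "WHERE Destroyed = 1 "
            "AND DataID NOT IN (SELECT DataID FROM DestroyedData)").rowcount
        deleted = conn.execute(
            "DELETE FROM Data WHERE Destroyed = 1 "
            "AND DataID IN (SELECT DataID FROM DestroyedData)").rowcount
    return appended, deleted


def demo():
    """Run the move on constructed rows, one of them left half-processed."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    rows = [  # constructed sample records, not data from the thesis
        (1, "1000001", "SUBJECT A", 0, None, None, None, None),
        (2, "1000002", "SUBJECT B", 1, "2003-01-15", "P1", "P2", "P3"),
        (3, "1000003", "SUBJECT C", 1, "2003-01-15", "P1", "P2", "P3"),
    ]
    conn.executemany("INSERT INTO Data VALUES (?,?,?,?,?,?,?,?)", rows)
    # Record 3 was appended earlier but the delete prompt was answered No.
    conn.execute(f"INSERT INTO DestroyedData ({COLS}) SELECT {COLS} "
                 "FROM Data WHERE DataID = 3")
    conn.commit()
    first = move_destroyed(conn)
    second = move_destroyed(conn)  # re-running must change nothing
    left = [r[0] for r in conn.execute(
        "SELECT DataID FROM Data ORDER BY DataID")]
    archived = [r[0] for r in conn.execute(
        "SELECT DataID FROM DestroyedData ORDER BY DataID")]
    return first, second, left, archived
```
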

3. Enter Data 



a. DataID - an autonumber that is generated by Access; 
the user cannot manipulate this number 

b. BarCode# - enter 7 digit barcode number 

c. Originator - enter originator name 

d. DIA Production # - enter DIA production number 

e. Copy# - enter copy number if applicable 

f. Date of Material - enter publication date of material 

g. Subject - enter subject of material 

h. DateReceived - enter the date received by command 

i. Abstract - enter abstract as appropriate 

j. Safe # - enter safe number 1 thru 24 

k. Drawer # - enter drawer number 1 thru 4 

l. MediaType - enter media type from the dropdown menu 

m. Classification - enter classification from dropdown 
menu 

n. AccessLevel - enter access level from dropdown menu 

o. LastUpdated - filled in automatically from Access when 
data is modified 

p. Destroyed - check box if material has been destroyed 

q. DateDestroyed - enter the date material is destroyed 

r. Destroyedby - enter person conducting destruction 

s. Witnessedby - enter person witnessing destruction 

t. AuthorizingPerson - enter person authorizing the 
destruction 

4. Enter Personnel and Account Information 

a. PersonnelID - an autonumber that is generated by 
Access; the user cannot manipulate this number 

b. Last Name - enter last name 

c. First Name - enter first name 

d. SSN - enter social security number 

e. Phone# - enter work phone number 

f. Bldg# - enter work building number 

g. Room# - enter room number 

h. NSANET ID - enter National Security Agency Network 
identification 

i. NSANET Email - enter National Security Agency email 
address 

j. Completion Date - enter NSA completion date 

k. JDISS ID - enter Joint Deployable Intelligence Support 
System (JDISS) identification 

l. JDISS EMAIL - enter JDISS email address 

m. UNIX ID - enter UNIX identification 

n. UNIX EMAIL - enter UNIX email address 

o. SIPRNET ID - enter Secret Internet identification 

p. SIPRNET EMAIL - enter SIPRNET email address 

5. Enter Access Level 

The Access level subform has a checkbox next to each 
associated access level. The user will check the boxes 
that correspond to the person's level of access. 

5. Enter Subcustody information 

To transfer subcustody of data to an individual, the 
administrator will select the person to subcustody data to, 
then select the Subcustody subform and press the DataID 
drop down menu to select the data to be assigned. 

6. Comments 

Comments can be entered by selecting the comments 
subform and entering comments as desired. 

7. Print Destruction Report 


This report shows data that has been destroyed. The 
report is formatted to display the Barcode, Subject, Copy 
number, classification and date of destruction. The form 
also has signature blocks for the people conducting and 
witnessing the destruction. 

9. Print Data Location Report 


The Location Report shows where each piece of data is 
stored. The report displays the location of data by safe 
number, drawer number, barcode number, subject and 
classification. 

10. Print Personnel Access Report 

The Personnel Access Report lists all personnel in the 
database along with their associated access levels. 

11. Print Individual Subcustody Report 

The Subcustody report shows a list of all the data a 
person has issued to them. It lists the information by 
last name, first name, social security number, subject and 
classification. 

12. Print NSANET Report 


This report shows all the people that have completed 
the NSANET course. The report displays the data by last 
name, first name, social security number and the date the 
course was completed. 

13. Enter username and password 


This form is used to enter username, password and 
usergroup fields. The PersonnelID, Last Name and First 
Name fields cannot be modified using this form. This form 
only allows modifying the username, password and usergroup. 